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Abstract 


The Prefix Delegation options provide a mechanism for automated 
delegation of IPv6é prefixes using the Dynamic Host Configuration 
Protocol (DHCP). This mechanism is intended for delegating a long- 
lived prefix from a delegating router to a requesting router, across 
an administrative boundary, where the delegating router does not 
require knowledge about the topology of the links in the network to 
which the prefixes will be assigned. 
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1. Introduction 


This document describes new options for Dynamic Host Configuration 
Protocol (DHCP) that provide a mechanism for the delegation of IPv6 
prefixes [1]. Through these options, a delegating router can 
delegate prefixes to authorized requesting routers. 


The prefix delegation mechanism described in this document is 
intended for simple delegation of prefixes from a delegating router 
to requesting routers. It is appropriate for situations in which the 
delegating router does not have knowledge about the topology of the 
networks to which the requesting router is attached, and the 
delegating router does not require other information aside from the 
identity of the requesting router to choose a prefix for delegation. 
For example, these options would be used by a service provider to 
assign a prefix to a Customer Premise Equipment (CPE) device acting 
as a router between the subscriber’s internal network and the service 
provider’s core network. 


Many applications expect stable addresses. Even though this 
mechanism makes automatic renumbering easier, it is expected that 
prefixes have a long lifespan. During renumbering it is expected 
that the old and the new prefix co-exist for some time. 


The design of this prefix delegation mechanism meets the requirements 
for prefix delegation in Requirements for IPv6 prefix delegation [6]. 


Note that this use of DHCP is not bound to the assignment of IP 
addresses or other configuration information to hosts, and that no 
mechanism is currently available to communicate delegated prefixes to 
a DHCP server that serves such a function. This may be an item of 
future work, should usage warrant. 
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DHCPv6 specification dependency 


This document describes new DHCPv6 options for IPv6é prefix 
delegation. This document should be read in conjunction with the 
DHCPv6 specification, RFC 3315 [2], for a complete specification of 
the Prefix Delegation options and mechanism. Definitions for terms 
and acronyms not specifically defined in this document are defined in 
RFC 3315. 


Terminology 


This document uses the terminology defined in RFC 2460 [1] and RFC 
3315. In addition, this document uses the following terms: 


requesting router: The router that acts as a DHCP client and is 
requesting prefix(es) to be assigned. 


delegating router: The router that acts as a DHCP server, and is 
responding to the prefix request. 


Identity Association for Prefix Delegation (IA_PD): A collection of 
prefixes assigned to the requesting router. Each 
IA_PD has an associated IAID. A requesting 
router may have more than one IA_PD assigned to 
it; for example, one for each of its interfaces. 


Requirements 


The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, 
SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this 
document, are to be interpreted as described in BCP 14, RFC 2119 [3]. 


Model and Applicability 


The model of operation for prefix delegation is as follows. A 
delegating router is provided IPv6 prefixes to be delegated to 
requesting routers. Examples of ways in which the delegating router 
may be provided these prefixes are given in Section 12.2. A 
requesting router requests prefix(es) from the delegating router, as 
described in Section 12.1. The delegating router chooses prefix(es) 
for delegation, and responds with prefix(es) to the requesting 
router. The requesting router is then responsible for the delegated 
prefix(es). For example, the requesting router might assign a subnet 
from a delegated prefix to one of its interfaces, and begin sending 
router advertisements for the prefix on that link. 
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Each prefix has an associated valid and preferred lifetime, which 
constitutes an agreement about the length of time over which the 
requesting router is allowed to use the prefix. A requesting router 
can request an extension of the lifetimes on a delegated prefix and 
is required to terminate the use of a delegated prefix if the valid 
lifetime of the prefix expires. 


This prefix delegation mechanism would be appropriate for use by an 
ISP to delegate a prefix to a subscriber, where the delegated prefix 
would possibly be subnetted and assigned to the links within the 
subscriber’s network. 


5.1. Example network architecture 


Figure 1 illustrates a network architecture in which prefix 
delegation could be used. 


\ 
/ \ \ 
| ISP core network | \ 
\ | / | 
+------- +------- + 
| Aggregation | | ISP 
| device | | network 
| (delegating | | 
| router) | | 
+------—- +------—- + | 
| / 
|DSL to subscriber / 
|premises / 
t------ t------ + \ 
CPE \ 
(requesting \ 
router) | | 
+----+---+----+ | 
| | | Subscriber 
---+-------------— +----—- +- -+----- +------------—- +--- | network 
aoe ----- + +----- Tac foc! ----- + +----- tes 
|Subscriber| |Subscriber| |Subscriber| |Subscriber| / 
PC | | PC | | PC | | PC | 7 
+---------- + 4+---------- + +---------- + 4+---------- + / 


Figure 1: An example of prefix delegation. 
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In this example, the delegating router is configured with a set of 
prefixes to be used for assignment to customers at the time of each 
customer’s first connection to the ISP service. The prefix 
delegation process begins when the requesting router requests 
configuration information through DHCP. The DHCP messages from the 
requesting router are received by the delegating router in the 
aggregation device. When the delegating router receives the request, 
it selects an available prefix or prefixes for delegation to the 
requesting router. The delegating router then returns the prefix or 
prefixes to the requesting router. 


The requesting router subnets the delegated prefix and assigns the 
longer prefixes to links in the subscriber’s network. In a typical 
scenario based on the network shown in Figure 1, the requesting 
router subnets a single delegated /48 prefix into /64 prefixes and 
assigns one /64 prefix to each of the links in the subscriber 
network. 


The prefix delegation options can be used in conjunction with other 
DHCP options carrying other configuration information to the 
requesting router. The requesting router may, in turn, then provide 
DHCP service to hosts attached to the internal network. For example, 
the requesting router may obtain the addresses of DNS and NIP servers 
from the ISP delegating router, and then pass that configuration 
information on to the subscriber hosts through a DHCP server in the 
requesting router. 


6. Identity Association for Prefix Delegation 


An IA_PD is a construct through which a delegating router anda 
requesting router can identify, group and manage a set of related 
IPv6 prefixes. Each IA_PD consists of an IAID and associated 
configuration information. An IA_PD for prefixes is the equivalent 
of an IA (described in RFC 3315) for addresses. 


An IA_PD is different from an IA, in that it does not need to be 
associated with exactly one interface. One IA_PD can be associated 
with the requesting router, with a set of interfaces or with exactly 
one interface. A requesting router must create at least one distinct 
IA_PD. It may associate a distinct IA_PD with each of its downstream 
network interfaces and use that IA_PD to obtain a prefix for that 
interface from the delegating router. 


The IAID uniquely identifies the IA_PD and must be chosen to be 
unique among the IA_PD IAIDs on the requesting router. The IAID is 
chosen by the requesting router. For any given use of an IA_PD by 
the requesting router, the IAID for that IA_PD MUST be consistent 
across restarts of the requesting router. The requesting router may 
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maintain consistency either by storing the IAID in non-volatile 
storage or by using an algorithm that will consistently produce the 
same IAID as long as the configuration of the requesting router has 
not changed. If the requesting router uses only one IAID, it can use 
a well-known value, e.g., zero. 


The configuration information in an IA_PD consists of one or more 
IPv6 prefixes along with the times Tl and T2 for the IA_PD. See 
section 9 for the representation of an IA_PD in a DHCP message. 


7. Overview of DHCP with Prefix Delegation 


Prefix delegation with DHCP is independent of address assignment with 
DHCP. A requesting router can use DHCP for just prefix delegation or 
for prefix delegation along with address assignment and other 
configuration information. 


A requesting router first creates an IA_PD and assigns it an IAID. 
The requesting router then transmits a Solicit message containing an 
IA_PD option describing the IA_PD. Delegating routers that can 
delegate prefixes to the IA_PD respond to the requesting router with 
an Advertise message. 


The requesting router may include prefixes in the IA_PDs as a hint to 
the delegating router about specific prefixes for which the 
requesting router has a preference. 


When the requesting router has identified a delegating router, the 
requesting router uses a Request message to populate the IA_PDs with 
prefixes. The requesting router includes one or more IA_PD options 
in the Request message. The delegating router returns prefixes and 
other information about the IA_PDs to the requesting router in IA_PD 
options in a Reply message. The requesting router records the 
lifetimes for the delegated prefix(es) and uses the prefix(es) as 
described in the previous section. 


Before the valid lifetime on each delegated prefix expires, the 
requesting router includes the prefix in an IA_PD option sent ina 
Renew message to the delegating router. The delegating router 
responds by returning the prefix with updated lifetimes to the 
requesting router. 
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Interface Selection 


Delegated prefixes are not associated with a particular interface in 
the same way as addresses are for address assignment, and the rules 
described in section 16, "Client Source Address and Interface 
Selection" of RFC 3315 do not apply. 


When a requesting router sends a DHCP message, it SHOULD be sent on 
the interface associated with the upstream router (ISP network). The 
upstream interface is typically determined by configuration. This 
rule applies even in the case where a separate IA_PD is used for each 
downstream interface. 


When a requesting router sends a DHCP message directly to a 
delegating router using unicast (after receiving the Server Unicast 
option from that delegating router), the source address SHOULD be an 
address from the upstream interface and which is suitable for use by 
the delegating router in responding to the requesting router. 


Identity Association for Prefix Delegation Option 


The IA_PD option is used to carry a prefix delegation identity 
association, the parameters associated with the IA_PD and the 
prefixes associated with it. 


The format of the IA_PD option is: 


0 1 2 3 
OLA 84 Oe 6 TF BOO Or D2 BAS SB) OAs 23-36) FB Oe oT. 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| OPTION_IA_PD | option-length | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| IAID (4 octets) | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| T1 | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| T2 | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 


IA_PD-options 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
option-code: OPTION_IA_PD (25) 


option-length: 12 + length of IA_PD-options field. 
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IAID: The unique identifier for this IA_PD; the IAID must 
be unique among the identifiers for all of this 
requesting router's IA_ PDs. 


Til; The time at which the requesting router should 
contact the delegating router from which the 
prefixes in the IA_PD were obtained to extend the 
lifetimes of the prefixes delegated to the IA_PD; 
Tl is a time duration relative to the current time 
expressed in units of seconds. 


T2 The time at which the requesting router should 
contact any available delegating router to extend 
the lifetimes of the prefixes assigned to the 
IA_PD; T2 is a time duration relative to the 
current time expressed in units of seconds. 


IA_PD-options: Options associated with this IA_PD. 


The IA_PD-options field encapsulates those options that are specific 
to this IA_PD. For example, all of the IA_PD Prefix Options carrying 
the prefixes associated with this IA_PD are in the IA_PD-options 
field. 


An IA_PD option may only appear in the options area of a DHCP 
message. A DHCP message may contain multiple IA_PD options. 


The status of any operations involving this IA_PD is indicated ina 
Status Code option in the IA_PD-options field. 


Note that an IA_PD has no explicit "lifetime" or "lease length" of 
its own. When the valid lifetimes of all of the prefixes in a IA_PD 
have expired, the IA_PD can be considered as having expired. T1 and 
T2 are included to give delegating routers explicit control over when 
a requesting router should contact the delegating router about a 
specific IA_PD. 


In a message sent by a requesting router to a delegating router, 
values in the Tl and T2 fields indicate the requesting router’s 
preference for those parameters. The requesting router sets Tl and 
T2 to zero if it has no preference for those values. In a message 
sent by a delegating router to a requesting router, the requesting 
router MUST use the values in the Tl and T2 fields for the Tl and T2 
parameters. The values in the Tl and T2 fields are the number of 
seconds until Tl and T2. 


The delegating router selects the T1 and T2 times to allow the 
requesting router to extend the lifetimes of any prefixes in the 
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IA_PD before the lifetimes expire, even if the delegating router is 
unavailable for some short period of time. Recommended values for T1 
and T2 are .5 and .8 times the shortest preferred lifetime of the 
prefixes in the IA_PD that the delegating router is willing to 
extend, respectively. If the time at which the prefixes in an IA_PD 
are to be renewed is to be left to the discretion of the requesting 
router, the delegating router sets T1 and T2 to 0. 


If a delegating router receives an IA_PD with Tl greater than T2, and 
both T1 and T2 are greater than 0, the delegating router ignores the 
invalid values of Tl and T2 and processes the IA_PD as though the 
delegating router had set T1 and T2 to 0. 


If a requesting router receives an IA_PD with Tl greater than T2, and 
both T1 and T2 are greater than 0, the client discards the IA_PD 
option and processes the remainder of the message as though the 
delegating router had not included the IA_PD option. 


TA_PD Prefix option 


The IA_PD Prefix option is used to specify IPv6 address prefixes 
associated with an IA_PD. The IA_PD Prefix option must be 
encapsulated in the IA_PD-options field of an IA_PD option. 


The format of the IA_PD Prefix option is: 


0 al 2 3 
OPT 26.39 Ae F689 OT 2 3A 56 7-8: O20) 1 2B Ar OF 82 Oe Oe. 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| OPTION_IAPREFIX | option-length | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| preferred-lifetime | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| valid-lifetime | 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
| prefix-length | | 

+-+-+-+-+-+-+-+-+ IPv6 prefix 
| (16 octets) | 


| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
+-+-+-+-+-+-+-+-+ 
IAprefix-options 


+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 
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option-code: OPTION_IAPREFIX (26) 
option-length: 25 + length of IAprefix-options field 


preferred-lifetime: The recommended preferred lifetime for the IPv6 
prefix in the option, expressed in units of 
seconds. A value of OxFFFFFFFF represents 
infinity. 


valid-lifetime: The valid lifetime for the IPv6 prefix in the 
option, expressed in units of seconds. A value of 
OxFFFFFFFF represents infinity. 


prefix-length: Length for this prefix in bits 
IPv6-prefix: An IPv6é prefix 
TAprefix—-options: Options associated with this prefix 


In a message sent by a requesting router to a delegating router, the 
values in the fields can be used to indicate the requesting router’s 
preference for those values. The requesting router may send a value 
of zero to indicate no preference. A requesting router may set the 
IPv6 prefix field to zero and a given value in the prefix-length 
field to indicate a preference for the size of the prefix to be 
delegated. 


In a message sent by a delegating router the preferred and valid 
lifetimes should be set to the values of AdvPreferredLifetime and 
AdvValidLifetime as specified in section 6.2.1, "Router Configuration 
Variables" of RFC 2461 [4], unless administratively configured. 


A requesting router discards any prefixes for which the preferred 
lifetime is greater than the valid lifetime. A delegating router 
ignores the lifetimes set by the requesting router if the preferred 
lifetime is greater than the valid lifetime and ignores the values 
for Tl and T2 set by the requesting router if those values are 
greater than the preferred lifetime. 


The values in the preferred and valid lifetimes are the number of 
seconds remaining for each lifetime. 


An IA_PD Prefix option may appear only in an IA_PD option. More than 
one IA_PD Prefix Option can appear in a single IA_PD option. 


The status of any operations involving this IA_PD Prefix option is 
indicated in a Status Code option in the IAprefix-options field. 
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Delegating Router Solicitation 


The requesting router locates and selects a delegating router in the 
same way as described in section 17, "DHCP Server Solicitation" of 
RFC 3315. The details of the solicitation process are described in 
this section. 


.1. Requesting router behavior 


The requesting router creates and transmits a Solicit message as 
described in sections 17.1.1, "Creation of Solicit Messages" and 
17.1.2, "Transmission of Solicit Messages" of RFC 3315. The 
requesting router creates an IA_PD and assigns it an IAID. The 
requesting router MUST include the IA_PD option in the Solicit 
message. 


The requesting router processes any received Advertise messages as 
described in section 17.1.3, “Receipt of Advertise Messages" of RFC 
3315. The requesting router MAY choose to consider the presence of 
advertised prefixes in its decision about which delegating router to 
respond to. 


The requesting router MUST ignore any Advertise message that includes 
a Status Code option containing the value NoPrefixAvail, with the 
exception that the requesting router MAY display the associated 
status message to the user. 


-2. Delegating router behavior 


The delegating router sends an Advertise message to the requesting 
router in the same way as described in section 17.2.2, "Creation and 
transmission of Advertise messages" of RFC 3315. If the message 
contains an IA_PD option and the delegating router is configured to 
delegate prefix(es) to the requesting router, the delegating router 
selects the prefix(es) to be delegated to the requesting router. The 
mechanism through which the delegating router selects prefix(es) for 
delegation is not specified in this document. Examples of ways in 
which the delegating router might select prefix(es) for a requesting 
router include: static assignment based on subscription to an ISP; 
dynamic assignment from a pool of available prefixes; selection based 
on an external authority such as a RADIUS server using the Framed- 
IPv6-Prefix option as described in RFC 3162 [5]. 


If the requesting router includes an IA_PD Prefix option in the IA_PD 
option in its Solicit message, the delegating router MAY choose to 
use the information in that option to select the prefix(es) or prefix 
size to be delegated to the requesting router. 
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The delegating router sends an Advertise message to the requesting 
router in the same way as described in section, "Creation and 
transmission of Advertise messages" of RFC 3315. The delegating 
router MUST include an IA_PD option, identifying any prefix (es) that 
the delegating router will delegate to the requesting router. 


If the delegating router will not assign any prefixes to any IA PDs 
in a subsequent Request from the requesting router, the delegating 
router MUST send an Advertise message to the requesting router that 
includes the IA_PD with no prefixes in the IA_PD and a Status Code 
option in the IA_PD containing status code NoPrefixAvail and a status 
message for the user, a Server Identifier option with the delegating 
router’s DUID and a Client Identifier option with the requesting 
router’s DUID. 


Requesting router initiated prefix delegation 


A requesting router uses the same message exchanges as described in 
section 18, "DHCP Client-Initiated Configuration Exchange" of RFC 
3315 to obtain or update prefix(es) from a delegating router. The 
requesting router and the delegating router use the IA_PD Prefix 
option to exchange information about prefix(es) in much the same way 
IA Address options are used for assigned addresses. 


1. Requesting router behavior 


The requesting router uses a Request message to populate IA_PDs with 
prefixes. The requesting router includes one or more IA_PD options 
in the Request message. The delegating router then returns the 
prefixes for the IA_PDs to the requesting router in IA_PD options in 
a Reply message. 


The requesting router includes IA_PD options in any Renew, or Rebind 
messages sent by the requesting router. The IA_PD option includes 
all of the prefixes the requesting router currently has associated 
with that IA_PD. 


In some circumstances the requesting router may need verification 
that the delegating router still has a valid binding for the 
requesting router. Examples of times when a requesting router may 
ask for such verification include: 

o The requesting router reboots. 


o The requesting router’s upstream link flaps. 


o The requesting router is physically disconnected from a wired 
connection. 
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If such verification is needed the requesting router MUST initiate a 
Rebind/Reply message exchange as described in section 18.1.4, 
"Creation and Transmission of Rebind Messages" of RFC 3315, with the 
exception that the retransmission parameters should be set as for the 
Confirm message, described in section 18.1.2, "Creation and 
Transmission of Confirm Messages" of RFC 3315. The requesting router 
includes any IA_PDs, along with prefixes associated with those IA_PDs 
in its Rebind message. 


Each prefix has valid and preferred lifetimes whose durations are 
specified in the IA_PD Prefix option for that prefix. The requesting 
router uses Renew and Rebind messages to request the extension of the 
lifetimes of a delegated prefix. 


The requesting router uses a Release message to return a delegated 
prefix to a delegating router. The prefixes to be released MUST be 
included in the IA_PDs. 


The Confirm and Decline message types are not used with Prefix 
Delegation. 


Upon the receipt of a valid Reply message, for each IA_PD the 
requesting router assigns a subnet from each of the delegated 
prefixes to each of the links to which the associated interfaces are 
attached, with the following exception: the requesting router MUST 
NOT assign any delegated prefixes or subnets from the delegated 
prefix(es) to the link through which it received the DHCP message 
from the delegating router. 


When a requesting router subnets a delegated prefix, it must assign 
additional bits to the prefix to generate unique, longer prefixes. 
For example, if the requesting router in Figure 1 were delegated 
3FFE:FFFF:0::/48, it might generate 3FFE:FFFF:0:1::/64 and 
3FFE:FFFF:0:2::/64 for assignment to the two links in the subscriber 
network. If the requesting router were delegated 3FFE:FFFF:0::/48 
and 3FFE:FFFF:5::/48, it might assign 3FFE:FFFF:0:1::/64 and 
3FFE:FFFF:5:1::/64 to one of the links, and 3FFE:FFFF:0:2::/64 and 
3FFE:FFFF:5:2::/64 for assignment to the other link. 


If the requesting router assigns a delegated prefix to a link to 
which the router is attached, and begins to send router 
advertisements for the prefix on the link, the requesting router MUST 
set the valid lifetime in those advertisements to be no later than 
the valid lifetime specified in the IA_PD Prefix option. A 
requesting router MAY use the preferred lifetime specified in the 
TA_PD Prefix option. 
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Handling of Status Codes options in received Reply messages is 
described in section 18.1.8, "Receipt of Reply Messages" of RFC 3315. 
The NoPrefixAvail Status Code is handled in the same manner as the 
NoAddrsAvail Status Code. 


-2. Delegating Router behavior 


When a delegating router receives a Request message from a requesting 
router that contains an IA_PD option, and the delegating router is 
authorized to delegate prefix(es) to the requesting router, the 
delegating router selects the prefix(es) to be delegated to the 
requesting router. The mechanism through which the delegating router 
selects prefix(es) for delegation is not specified in this document. 
Section 11.2 gives examples of ways in which a delegating router 
might select the prefix(es) to be delegated to a requesting router. 


A delegating router examines the prefix(es) identified in IA_PD 
Prefix options (in an IA_PD option) in Renew and Rebind messages and 
responds according to the current status of the prefix(es). The 
delegating router returns IA_PD Prefix options (within an IA_PD 
option) with updated lifetimes for each valid prefix in the message 
from the requesting router. If the delegating router finds that any 
of the prefixes are not in the requesting router’s binding entry, the 
delegating router returns the prefix to the requesting router with 
lifetimes of 0. 


The delegating router behaves as follows when it cannot find a 
binding for the requesting router’s IA_PD: 


Renew message: If the delegating router cannot find a binding 
for the requesting router’s IA_PD the delegating 
router returns the IA_PD containing no prefixes 
with a Status Code option set to NoBinding in the 
Reply message. 


Rebind message: If the delegating router cannot find a binding 
for the requesting router’s IA_PD and the 
delegating router determines that the prefixes in 
the IA_PD are not appropriate for the link to 
which the requesting router’s interface is 
attached according to the delegating routers 
explicit configuration, the delegating router MAY 
send a Reply message to the requesting router 
containing the IA_PD with the lifetimes of the 
prefixes in the IA_PD set to zero. This Reply 
constitutes an explicit notification to the 
requesting router that the prefixes in the IA_PD 
are no longer valid. If the delegating router is 
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unable to determine if the prefix is not 
appropriate for the link, the Rebind message is 
discarded. 


A delegating router may mark any prefix(es) in IA_PD Prefix options 
in a Release message from a requesting router as "available", 
dependent on the mechanism used to acquire the prefix, e.g., in the 
case of a dynamic pool. 


The delegating router MUST include an IA_PD Prefix option or options 
(in an IA_PD option) in Reply messages sent to a requesting router. 


Prefix Delegation reconfiguration 


This section describes prefix delegation in Reconfigure message 
exchanges. 


1. Delegating Router behavior 


The delegating router initiates a configuration message exchange with 
a requesting router, as described in section 19, "DHCP Server- 
Initiated Configuration Exchange" of RFC 3315, by sending a 
Reconfigure message (acting as a DHCP server) to the requesting 
router, as described in section 19.1, "Server Behavior" of RFC 3315. 
The delegating router specifies the IA_PD option in the Option 
Request option to cause the requesting router to include an IA_PD 
option to obtain new information about delegated prefix(es). 


-2. Requesting Router behavior 


The requesting router responds to a Reconfigure message, acting as a 
DHCP client, received from a delegating router as described in 
section 19.4, "Client Behavior" of RFC 3315. The requesting router 
MUST include the IA_PD Prefix option(s) (in an IA_PD option) for 
prefix(es) that have been delegated to the requesting router by the 
delegating router from which the Reconfigure message was received. 


Relay agent behavior 


A relay agent forwards messages containing Prefix Delegation options 
in the same way as described in section 20, "Relay Agent Behavior" of 
RFC 3315. 


If a delegating router communicates with a requesting router through 
a relay agent, the delegating router may need a protocol or other 
out-of-band communication to add routing information for delegated 
prefixes into the provider edge router. 
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Security Considerations 


Security considerations in DHCP are described in section 23, 
"Security Considerations" of RFC 3315. 


A rogue delegating router can issue bogus prefixes to a requesting 
router. This may cause denial of service due to unreachability. 


A malicious requesting router may be able to mount a denial of 
service attack by repeated requests for delegated prefixes that 
exhaust the delegating router’s available prefixes. 


To guard against attacks through prefix delegation, requesting 
routers and delegating routers SHOULD use DHCP authentication as 
described in section 21, "Authentication of DHCP messages" of RFC 
3315. For point to point links, where one trusts that there is no 
man in the middle, or one trusts layer two authentication, DHCP 
authentication or IPsec may not be necessary. Because a requesting 
router and delegating routers must each have at least one assigned 
IPv6 address, the routers may be able to use IPsec for authentication 
of DHCPv6 messages. The details of using IPsec for DHCPv6 are under 
development. 


Networks configured with delegated prefixes should be configured to 
preclude intentional or inadvertent inappropriate advertisement of 
these prefixes. 

IANA Considerations 
IANA has assigned option codes to: 
OPTION_IA_PD (25) 


OPTION_IAPREFIX (26) 


from the option-code space as defined in section 24.3, "DHCP Options" 
of RFC 3315. 


IANA has assigned status code 6 to: 


NoPrefixAvail: Delegating router has no prefixes available to 
assign to the IAPD(s) 


from the status-code space as defined in section 24.4, "Status Codes" 
of RFC 3315. 
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Intellectual Property Statement 


The IETF takes no position regarding the validity or scope of any 
intellectual property or other rights that might be claimed to 
pertain to the implementation or use of the technology described in 
this document or the extent to which any license under such rights 
might or might not be available; neither does it represent that it 


has made any effort to identify any such rights. Information on the 
IETF’s procedures with respect to rights in standards-track and 
standards-related documentation can be found in BCP-11. Copies of 


claims of rights made available for publication and any assurances of 
licenses to be made available, or the result of an attempt made to 
obtain a general license or permission for the use of such 
proprietary rights by implementors or users of this specification can 
be obtained from the IETF Secretariat. 


The IETF invites any interested party to bring to its attention any 
copyrights, patents or patent applications, or other proprietary 
rights which may cover technology that may be required to practice 
this standard. Please address the information to the IETF Executive 
Director. 
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